If you use the Authentication plugin, it means that that password field is
used in a login form, right?
In that case, you don't need to use a transformer at all.
The transformer is needed only in the form used for creating a new user,
where the new user types the password in 2 fields that should match, and
then the password should be transformed in sha1_hex for beeing inserted
hashed in the database.
Octavian
----- Original Message -----
From: "David Schmidt" <davew...@gmx.at>
To: "HTML Form Creation,Rendering and Validation Framework"
<html-formfu@lists.scsys.co.uk>
Sent: Thursday, March 19, 2009 6:39 PM
Subject: Re: [html-formfu] applying a filter
I got a little problem here.
in my formfu yml file I use
transformers:
- type: Callback
callback: 'Digest::SHA::sha1_hex'
and in myApp.conf
<authentication>
default_realm dbic
<realms>
<dbic>
<credential>
class Password
password_field password
password_type hashed
password_hash_type SHA-1
</credential>
<store>
(...)
</store>
</dbic>
</realms>
</authentication>
but the hashes dont match.
This hash is inserted (providing password "oioioioi")
0c15f7b5ddad2ba75792b5d30d62ada2e7bda995
But *** perl -MDigest::SHA -e "print
Digest::SHA::sha1_hex('oioioioi')" *** returns
4a8737e65bd1312a45201bee99649b26e0eb3a22
I am not the best of debuggers so I am a bit stuck
as a workaround I am changing the password field manually with
add_valid before I update the model (just as you tried)
but I really want the transformer to work, any hints?
my $account = $c->model('myDB::Accounts')->new_result({});
$form->add_valid("password", sha1_hex($form->param('password')));
$form->model->update($account);
On Thu, Mar 19, 2009 at 4:36 PM, David Schmidt <davew...@gmx.at> wrote:
sweet :)
I was just about to comment on your solution for hashing the pw before
update/insert but transformers seem to be what should be used for that
kind of problem.
thanks
2009/3/19 Octavian Râşniţă <orasn...@gmail.com>:
I found a good solution for that, not by using a filter, but a
transformer.
But it can be done directly without creating a custom module, like:
<element>
type Password
name password
label_xml Password<sup>*</sup>:
filter TrimEdges
constraint Required
<transformers>
type Callback
callback Digest::SHA1::sha1_hex
</transformers>
</element>
The method Digest::SHA1::sha1_hex can be used directly as a callback
method.
Octavian
----- Original Message ----- From: "David Schmidt" <davew...@gmx.at>
To: "HTML Form Creation,Rendering and Validation Framework"
<html-formfu@lists.scsys.co.uk>
Sent: Thursday, March 19, 2009 4:43 PM
Subject: Re: [html-formfu] applying a filter
I wrote my own Filter
lib/HTML/FormFu/Filter/myApp/Digest_SHA.pm
package HTML::FormFu::Filter::myApp::Digest_SHA;
use strict;
use warnings;
use base 'HTML::FormFu::Filter';
use Digest::SHA qw/sha1_hex/;
sub filter {
my ( $self, $value, $params ) = @_;
return sha1_hex($value);
}
1;
and in my create.yml
- type: Password
name: password
filters:
- type: "myApp::Digest_SHA"
works fine, but since I also use the repeat_password constraint and
the filter is applied before passwords are compared I will not use
this approach and rather change the password prior to
updating/inserting into the database.
On Sun, Jan 11, 2009 at 10:21 AM, Octavian Rasnita <orasn...@gmail.com>
wrote:
Hello,
I am trying to find the best way of storing an encrypted password in the
database (when creating a new user for example).
I thought that using a filter might be the best way for this and using a
callback would be enough:
<filters>
type Callback
callback Digest::SHA1::sha1_hex
</filters>
The single problem is that it doesn't work.
Digest::SHA1::sha1_hex returns the encrypted string, so it should work,
but
I don't know why, it doesn't.
I have also tried to use a 'use Digest::SHA1;' in MyApp.pm, even though
without it it didn't give any error, however it still doesn't work, and
the
unencrypted string is inserted in the database.
The code I use for inserting the user is:
if ($form->submitted_and_valid) {
my $user = $form->param_value('user');
my $email = $form->param_value('email');
my $hash = sha1_hex($user . $email . time());
my $new_user = $c->model("DB::TempUser")->new_result({hash => $hash});
$form->process;
$form->model->update($new_user);
}
Am I doing something wrong, or the filter can't be used for what I want?
Thanks.
Octavian
_______________________________________________
HTML-FormFu mailing list
HTML-FormFu@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
--
David Schmidt | http://www.fm5.at
_______________________________________________
HTML-FormFu mailing list
HTML-FormFu@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
_______________________________________________
HTML-FormFu mailing list
HTML-FormFu@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
--
David Schmidt | http://www.fm5.at
--
David Schmidt | http://www.fm5.at
_______________________________________________
HTML-FormFu mailing list
HTML-FormFu@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
_______________________________________________
HTML-FormFu mailing list
HTML-FormFu@lists.scsys.co.uk
http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/html-formfu
